If by lack of security you mean the BOINC projects, then we aught to enforce minimum BOINC client versions within BOINC projects & vote projects out if they don't adhere to the minimum version requirement.

If you mean end user, then nobody is having malware installed here - they consented fully to CE running on their computer AFAIK.